Is it possible to get a count of members that belong to a specific group based on the OU? When I run the code below it is giving me the value of 3 for each OU when there is only 1 OU that has a value of 3, the rest should be 0. It is running the Get-ADGroupMember -Identity “Test_Group”).count against the whole active directory structure instead of just for each OU??
import-module activedirectory
foreach ($ou in Get-ADOrganizationalUnit -filter * -SearchScope 1){
$computers = 0 + (get-adcomputer -filter * -searchbase $ou.distinguishedname).count
$ou | add-member -membertype noteproperty -name Computers -value $computers -force
Foreach ($Member in $ou){
(Get-ADGroupMember -Identity “Test_Group”).count
}
$ou | select name,computers
}
My interpetation of your question is that for a paricular AD Group you are looking for a member count based on OU or container.
Get-ADGroupMember -Identity "insert_your_group" -Recursive |
Where-Object{$_.objectClass -eq "User"} |
Get-ADUser -Properties canonicalname |
Select-Object @{Name='Container';Expression={$_.canonicalname | split-path -parent}} |
Group-Object container |
Select Name,Count
Breaking this down line by line
-Recursive so the groups themselves can be ignored.Get-ADUser call. We need the canonicalname as that is how we get the information for the parent containercanonicalname split it up (like you would a directory) and just take the -parent portion.-NoElement if the users themselves is not used in a downstream process.select-object statment.Output
Name Count
---- -----
Domain.Local\OU\SubOU 8
Domain.Local\OU\SubOU2 8
Domain.Local\OU\SubOU5 2